Appendix

Terms

vRA CM Framework

Configuration Management Framework

Allows Configuration management tools such as Ansible to be “first-class” citizens on the vRA blueprint canvas so they can be dragged and dropped on the canvas.

CMP

Cloud Management Platform

sudo

If using sudo with non-root user during the configuration of the inventory setup, sudoers file in Ansible Tower has the following: Allow root to run any commands anywhere

##Allow root to run any commands anywhere
root          ALL=(ALL)          ALL
[username]    ALL=(ALL)          NOPASSWD:ALL

Ansible Tower Endpoint for CM Framework

Plug-in Endpoint Details

Field	Value
Type	Select Ansible Tower

Click for Endpoint

Field	Value
Name	Copy this value to use later Enter desired endpoint name
Description	Optional

Field

Value

Name

Copy this value to use later

Enter desired endpoint name

Description

Optional

Click for Details

Field	Value
Ansible Tower Endpoint
Configuration label	No spaces, periods or special characters except underscore (`_`) and dash (`-`) Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_
Hostname	Ansible Tower URL
Username	Username used to login to Ansible Tower
Password	Corresponding password. Hostname, Username, and Password are validated against the Ansible Tower API (web) once all three are entered.
If set to true, the Ansible Tower Server instance certificate is accepted silently and the certificate is added to the trusted store	If Ansible Tower is on an internal network, a self-signed is permissible -- Select Yes. If Ansible Tower is on an external network, a Certificate Authority issued certificate should be used. Select No. If there are warnings, the user will have to open vRO Orchestrator, navigate to Library > Configuration >SSL Trust Manager > Import a certificate from URL and respond to the User action.
Ansible Tower Host Access
Configure Custom Dynamic Inventory?	Choosing Yes causes the “Dynamic Inventory Configuration” sub-tab to appear. The fields below only appear when Yes is chosen. Type if sudo user exists on Ansible Tower machine or leave blank and use root.
Command for privilege escalation (e.g. sudo)	*NOTE: sudoer file must have user be NOPASSWD, refer to Appendix A
Host Username	sudo user or root
Host Password	Corresponding password. Hostname, Username, and Password are validated against the Ansible Tower server machine once all three are entered.
Dynamic Inventory Configuration
vRO Host	vRO URL. This is auto-filled and can be overridden.
vRO Port	vRO Port. This is auto-filled and can be overridden.
vRO Username	vRO Username. This is auto-filled and can be overridden.
vRO Password	vRO Password. The vRO Host, vRO Port, vRO Username, and vRO Password are validated against the given vRO once all three are entered.
Organization and Inventory Setup
This section has rules built-in depending on if Ansible Organizations, Inventories, Inventory Sources, Groups, etc are created. Recommend starting with creating an Organization, which requires creation of everything under it – Inventories, Group, etc. *If Configure Custom Inventory? Is No, only the Organization and Inventory fields appear and are dropdowns (no create functionality). Also, no custom inventory configuration will be created (no cache or YAML config file on the Ansible Tower server).
Name	Unique name for each of the Organization, Inventory, Group, etc.
Description	Optional
Inventory Script Options	Initially, select “Create New with Latest…” and enter a name and optional description
Filters and Groups
Property Filters	Enter an optional key/value pair that exists in the vmProperties. The Job Template will be run only on a VM that has this key/value
Page Size	The maximum number of VMs to process at a time.
Group Separator	Delimiter for dynamic groups defined or chosen in the next two fields.
Add User-Defined Group	Place VMs into groups indicated after successful Job Template (playbook) run. User-defined optional.
Pre-defined Groups	Place VMs into groups indicated after successful Job Template (playbook) run. User selects one or more.
Prompt on Launch Overrides (Optional)
All the below fields are optional. If none are specified, provisioning using this Endpoint will use values contained in the Ansible Tower Job Template. In order for any of these values to have an affect, the Ansible Tower Job Template must have “PROMPT ON LAUNCH” turned on for each field.
Ignore Job Run Errors?	If Yes, Ansible Job Template failure is ignored. If No, future hook to trigger VM deprovisioning.
Get Machine Credential From list?	If Yes, the Machine Credential field is filled with relevant credentials to choose from. If No, the Machine Credential field is a user-entered text field.
Machine Credential	Either a drop down or text field. Text allows known Ansible Tower credentials, or SovLabs Template language entry.
Override Inventory in the Ansible Tower Job Template?	Indicates whether to use the Job Template’s designated Inventory, or one to be specified here. When changing this field, certain of the below fields will become visible or hidden based on rules. Yes is the default setting.
Use the Inventory from this Endpoint?	Indicates that the Inventory chosen in the Provisioning Setup sub-tab is to override the Job Template’s Inventory. Yes is the default setting.
Endpoint Inventory (read-only)	A convenience field showing what Inventory was chosen in the Provisioning Setup sub-tab. Changing this field has no effect.
Use Templated Inventory?	Indicates if a SovLabs Template Language entry for inventory overrides the Job Template’s Inventory. Defaults to the inventory picked in the Organization and Inventory Setup section.
Templated Inventory	Place VMs into groups indicated after successful Job Template (playbook) run. User selects one or more.
Extra Vars	Text allows known Ansible Tower Inventory, or an appropriate SovLabs Template Language entry for Inventory. Text allows input variables used by the Job Template’s playbook, or an appropriate SovLabs Template language entry for ExtraVars.